The present disclosure relates generally to information handling systems, and more particularly to system for monitoring microbursts in an information handling system.
As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option available to users is information handling systems. An information handling system generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes thereby allowing users to take advantage of the value of the information. Because technology and information handling needs and requirements vary between different users or applications, information handling systems may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in information handling systems allow for information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, information handling systems may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
Some information handling systems such as, for example, networking devices (e.g., switches, routers, etc.) are utilized in routing data traffic through one or more paths in a network. In some situations, network applications may send data traffic simultaneously over the same path. For example, in storage area networks (SANs), financial networks, and/or other networks known in the art, data traffic can peak over the same path at the same time when rapid bursts of data packets are sent in quick succession in a phenomenon referred to as micro-bursting. Networking devices typically respond to micro-bursting and similar activity by queuing the data traffic when the bandwidth of a path is exceeded. However, such queuing increases latency, and in extreme situations the queues of the networking device can become filled in a matter of milliseconds, causing packets to be dropped. Such latency and packet dropping can also contribute to momentary network congestion by causing Transport Control Protocol (TCP) retransmissions.
The causes of congestion issues resulting from micro-bursting are often difficult, if not impossible, to determine in busy networks due to the lack of persistent information in the affected networking devices. For example, source information in packets may be tracked using existing Media Access Control (MAC) address and Address Resolution Protocol (ARP) tables, but such tracking does not include usage information that could be used to isolate microburst events (e.g., conventional MAC and ARP tables may only track addresses of packets or frames that are currently being processed). Some networking devices track usage information, but that usage information is spread over large time frames (e.g., 30 to 300 seconds) and is not associated with the addressing information. With micro-bursting occurring over much shorter durations (e.g., milliseconds), such activity ends up becoming “averaged out” with the normal traffic statistical views. Thus, micro-bursting events typically go undetected at the administration reporting levels.
Accordingly, it would be desirable to provide an improved microburst monitoring system.